package com.hddf.project.interceptor;

import java.io.PrintWriter;
import java.util.HashMap;
import java.util.Map;

import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.struts2.ServletActionContext;

import com.hddf.project.util.JsonProvider;
import com.opensymphony.xwork2.ActionInvocation;
import com.opensymphony.xwork2.interceptor.AbstractInterceptor;

public class AuthInterceptor extends AbstractInterceptor {

	/**
	 * 
	 */
	private static final long serialVersionUID = 1L;

	@Override
	public synchronized String intercept(ActionInvocation invocation) throws Exception {

		HttpServletRequest request = (HttpServletRequest) invocation.getInvocationContext().get(ServletActionContext.HTTP_REQUEST);
		HttpServletResponse response = (HttpServletResponse) invocation.getInvocationContext().get(ServletActionContext.HTTP_RESPONSE);

		// /*
		// * 测试代码
		// */
		// User user = new User();
		// user.setId(1);
		// user.setUsername("测试员");
		// request.setAttribute("user", user);
		// String uri2 = request.getRequestURI();
		// uri2 = uri2.substring(5);
		// if (uri2.indexOf(";") != -1) {
		// uri2 = uri2.substring(0, uri2.indexOf(";"));
		// }
		// request.setAttribute("uri", uri2);
		// return invocation.invoke();

		/*
		 * 正式代码
		 */

		Map<String, Object> m = null;

		CookieService cs = CookieService.getInstance();
		Cookie ctoken = cs.getCookieByName(request, "to");
		Cookie ctime = cs.getCookieByName(request, "ti");
		boolean b = (null != ctime && !"".equals(ctime.getValue()));
		boolean b2 = (null != ctoken && !"".equals(ctoken.getValue()));
		if (b && b2) {
			String web_token = ctoken.getValue();
			String web_time = ctime.getValue();

			String uri = request.getRequestURI();
			uri = uri.substring(5);
			if (uri.indexOf(";") != -1) {
				uri = uri.substring(0, uri.indexOf(";"));
			}
			GetData gd = new GetData();
			m = gd.checkUser(web_token, web_time, uri);

			System.out.println("_____________________________________________AuthInterceptor：" + JsonProvider.getJson(m));

			String str = (String) m.get("msg");
			if (!"".equals(str) && null != str && 0 != str.length()) {
				if (request.getHeader("x-requested-with") != null && request.getHeader("x-requested-with").equals("XMLHttpRequest")) {
					response.setCharacterEncoding("utf-8");
					response.setContentType("application/json;charset=UTF-8");
					PrintWriter out = response.getWriter();
					Map<String, Object> result = new HashMap<String, Object>();
					result.put("state", "noLogin");
					result.put("msg", "请登录后在操作");
					out.print(JsonProvider.getJson(result));
					out.flush();
					out.close();
					return null;
				} else {
					return "login";
				}
			} else {
				String permission = (String) m.get("permission");
				String webtoken = (String) m.get("webtoken");
				cs.addCookie(response, "to", webtoken, 0);
				request.setAttribute("user", m.get("user"));
				request.setAttribute("uri", uri);
				if (permission.equals("ok")) {
					return invocation.invoke();
				} else {
					if (request.getHeader("x-requested-with") != null && request.getHeader("x-requested-with").equals("XMLHttpRequest")) {
						response.setCharacterEncoding("utf-8");
						response.setContentType("application/json;charset=UTF-8");
						PrintWriter out = response.getWriter();
						Map<String, Object> result = new HashMap<String, Object>();
						result.put("state", "noPermission");
						result.put("msg", "您没有该操作的权限");
						out.print(JsonProvider.getJson(result));
						out.flush();
						out.close();
						return null;
					} else {
						return "no_permission";
					}
				}
			}
		} else {
			if (request.getHeader("x-requested-with") != null && request.getHeader("x-requested-with").equals("XMLHttpRequest")) {
				response.setCharacterEncoding("utf-8");
				response.setContentType("application/json;charset=UTF-8");
				PrintWriter out = response.getWriter();
				Map<String, Object> result = new HashMap<String, Object>();
				result.put("state", "noLogin");
				result.put("msg", "请登录后在操作");
				out.print(JsonProvider.getJson(result));
				out.flush();
				out.close();
				return null;
			} else {
				return "login";
			}
		}
	}
}
